[stunnel-users] SSLPassPhraseDialog

• Previous message (by thread): [stunnel-users] SSLPassPhraseDialog
• Next message (by thread): [stunnel-users] SSLPassPhraseDialog
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

"Avinash Gaonkar" <agaonkar at gmail.com> wrote:
> How can we configure ssl key passphrase in stunnel config file.
> for. eg SSLPassPhraseDialog  exec:/path/to/passphrase-file
> parameter we have in apache, so no need to key in password
> every time when we restart service.

Passphrase in a file is a very bad idea.  It makes the solution more
complex without any security benefit (in fact it makes things even worse if
you re-use your passphrase anywhere else).  Simply decrypt your private key
instead and use filesystem permissions to protect it.

Mike

• Previous message (by thread): [stunnel-users] SSLPassPhraseDialog
• Next message (by thread): [stunnel-users] SSLPassPhraseDialog
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]